Windows 8 Tip of the day – How to recover ~6GB of space on your Microsoft Windows Surface

Here is how you can recoup ~6GB of space on your 32GB Surface.  Here is what you need to do:

(edited to fix link, add comment about removing the recovery partition.)

1. Note this will prevent the machine reset from being able to happen.  If you don’t care about resetting your machine, Step 1 is for you!  If not proceed to Step 2.

Delete the recovery partition – (create USB recovery drive)

Create a USB recovery drive

http://www.microsoft.com/Surface/en-US/support/surface-with-windows-rt/files-folders-and-online-storage/create-a-recovery-drive

2. Remove Windows Update cached data (will not be able to uninstall hotfixes afterwards though):

a. Stop the “Windows Update” service

b. Delete the folders/files under the “C:\Windows\SoftwareDistribution\Download” folder

c. Start the “Windows Update” service

 

Again these tips are brought to us via Robert Mitchell!

 

He’s this guy:

http://social.technet.microsoft.com/profile/robert%20mitchell%20%5Bmsft%5D/

and

http://www.linkedin.com/pub/robert-mitchell/3/a0a/551

and

http://www.windowsitpro.com/author/5787734/RobertMitchell

The Dude does AngelBeat!

Check it out, the Dude will be presenting at Atlanta’s AngelBeat on Monday the 28th.  http://www.angelbeat.com/events/492/

 

Also presenting at the Birmingham Alabama one on Tuesday the 29th.  http://www.angelbeat.com/events/493

 

I’ll be talking on the session:

 

1:45 – 2:15: Microsoft Windows 8/Office2013 Preview, Systems Center 2012, Azure Cloud Offerings
Windows 8 delivers experiences users want, offers new possibilities for mobile productivity, and provides IT with a more secure, easy-to-manage infrastructure. It’s Windows reimagined and reinvented from a solid core of Windows 7 speed and reliability. It’s an all-new touch interface. It’s a new Windows for new devices. Windows 8 offers seamless integration with Office2013 and cloud-based Office365. This exciting new client platform from Microsoft will be previewed/demonstrated, plus you will gain insights on upgrade options between Windows 7 and 8.

Microsoft System Center 2012 is a comprehensive management platform that enables you to more easily and efficiently manage your IT environments, including your server infrastructure and client devices. With System Center 2012, you get the most cost effective and flexible platform for managing your traditional datacenters, private and public clouds, and client computers and devices. System Center 2012 is the only unified management platform where you can manage multiple hypervisors, physical resources, and applications in a single offering, versus multiple fragmented point solutions delivered by competitors.

Windows Azure is an open cloud platform that enables you to quickly build, deploy and manage applications across a global network of Microsoft-managed datacenters. You can build applications using any language, tool or framework. Azure has been widely used by corporations to handle peak demand in customer-facing web applications, such as Pizza orders during the Superbowl or post-Thanksgiving online shopping, with no additional capital spending.

20 minute delay deploying Windows 7 on 802.1x? Fix it here!

Someone mentioned to me that he has a 20 minute delay deploying Windows 7 to 801.1x EAP networks.  They noted http://support.microsoft.com/kb/978152 which is “A Windows Vista-based or Windows Server 2008-based computer does not respond to 802.1X authentication requests for 20 minutes after a failed authentication”.

 

But didn’t see a fix similar for Windows 7.  So, what do they do?  They ask PFE of course!  I got together with Yong Rhee and Carl Luberti and we kicked the tires a few and found that to fix this you need to likely do two things:

1)  Apply http://support.microsoft.com/?id=976373 which is “A computer that is connected to an IEEE 802.1x-authenticated network via another 802.1x enabled device does not connect to the correct network” and then add the registry key to modify the timeout value:

For wired networks
To use the new registry setting in a wired network, follow these steps:

1. Open Registry Editor. To do this, click Start

Collapse this imageExpand this image

clip_image001

, type regedit in the Start Search box, and then press ENTER.

2. Locate and then right-click the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dot3svc

3. Point to New, and then click DWORD Value.

4. Type BlockTime, and then press ENTER.

5. Right-click BlockTime, and then click Modify.

6. Click Decimal under Base.

7. In the Value data box, type an appropriate value for the blocking period, and then click OK. The value that you specify for this registry entry represents the number of minutes that the system waits before it retries a failed authentication. The default value is 20 and the valid range is 1 – 60. If you set this key to 0, it will not apply at all.

8. Exit Registry Editor.

For wireless networks
To use the new registry setting in a wireless network, follow these steps:

1. Open Registry Editor. To do this, click Start

Collapse this imageExpand this image

clip_image001

, type regedit in the Start Search box, and then press ENTER.

2. Locate and then right-click the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\wlansvc

3. Point to New, and then click DWORD Value.

4. Type BlockTime, and then press ENTER.

5. Right-click BlockTime, and then click Modify.

6. Click Decimal under Base.

7. In the Value data box, type an appropriate value for the blocking period, and then click OK. The value that you specify for this registry entry represents the number of minutes that the system waits before it retries a failed authentication. The default value is 20 and the valid range is 1 – 60. If you set this key to 0, it will not apply at all.

Exit Registry Editor.

Setting the value to something smallish, like say, 2.

Hope this helps you in your deployments!

Jeff, Carl and Yong

The network impact of a Windows 8 RT device on your network.

Edited!

So someone had this question.  It’s a good one.  I didn’t know the answer so I found out….

 

Articles here and here would indicate that network traffic should be both intermittent and light.  So….lets check it out.

The Test:  I built a Windows 8 VM in my lab.  Updated it, updated default Windows Store Applications, created a new user account that I had never logged in as and then setup a netsh trace session from an elevated command prompt:

 

mkdir c:\trace

cd c:\trace

netsh trace LAN capture=yes report=yes tracefile=c:\trace\file.etl

 

And then I logged out and logged into the new ID.  The plan was to run it for 20-30 minutes but I went downstairs to talk to the wife and you know how that goes so an hour or so later I remembered my test!  Went upstairs and logged out, logged in as my administrator user and opened an elevated command prompt and did:

 

cd c:\trace

netsh trace stop

It looked like this:

 

image

Which isn’t horribly exciting, but the etl file and file.cab file are Smile

So I put them on my debugging machine via SkyDrive and went to town.

The Results:

Very little traffic, most of it in spurts, every 5 minutes as expected. 

image

You can see it in the graphic above.  I’ll actually need to do a longer trace to get a better feel for statistics, but I wouldn’t sweat a Windows 8 RT or Pro device on your network.

Windows 8 Tip of the Day–Bitlocker PIN

Today’s tip…

While it still requires administrative privileges to configure BitLocker, with Windows 8, standard users can now by default change their own PIN/Password.  It is recommended that this be used in conjunction with the ‘Configure use of passwords’ GPO setting to enforce length and complexity.

One thing this means for enterprises is that they will be able to do their Windows deployments all with the same PIN/Password and allow their users to change it post-installation.

By default, this feature is included in Windows 8.

If you do not want this feature, then you can enable a GPO to Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Operating System Drive \Disallow Standard Users to change PIN or Password.

Windows 8 Tip of the Day–Bitlocker

Today’s tip…

Previously, BitLocker encryption has been an ‘all or nothing’.  Either a volume was completely encrypted or it was not.  Windows 8 brings us a new option, ‘Encrypt Used Disk Space Only’.  Just like it sounds, this option allows us to encrypt only the parts of the volume that are currently in use.  As files are added to the volume, they are encrypted as well.

To the end-user this means a much shorter time for BitLocker to complete the initial encryption process for new volumes.  For volumes that already have data on them, it is recommended that the ‘Encrypt entire drive’ option be used.

There is a GPO, which you can use to enable Used Space Encryption for Windows 8.

Computer Configuration\Administrative Templates\BitLocker Drive Encryption\Operating System Drive\Enforce Drive Encryption type on Operating System Drive:

  • Allow User to Choose
  • Full Encryption
  • Used Space Encryption

This GPO is also available for Fixed Data Drives and Removable Drives.

Manage-bde Command:

  • Manage-bde –protectors –on C: -rp –used

How to get Best Practice Analyzers to collect with PowerShell!

This update comes to us from Chuck Timon, a SSEE in CTS…

 

In PowerShell, run –

Get-BPAResult –ModelId Microsoft/Windows/Hyper-V > c:\temp\hyper—vbpa.txt

Or to get a filtered output

Get-BPAResult –ModelId Microsoft/Windows/Hyper-V | fl ComputerName,Severity,Category,Title,Compliance > c:\temp\hyper-vbpa_formatted.txt

 

How cool is that?!

Windows 8 Tip of the Day

Today’s tip…

To quickly start your Windows8/Server 2012 machine – Bring up Charms (Winkey+I OR mouse around in bottom-right corner to bring up Charms) – Settings which brings up the below screens (at the regular desktop OR at the Modern Desktop)

 

clip_image001

clip_image002

Windows 8 Tip of the Day–NTFS changes in Windows 8

Good Morning Internet, todays tip of the day is on Windows 8 and NTFS changes made:

There is a fundamental change to NTFS in how we handle file system inconsistencies.  Previously, there were a number of reasons that Windows would mark the file system dirty and urge the user to run a Chkdsk /f.  Depending on the size of the data set, this could mean hours or even days of downtime. 

The new approach is to catalog the inconsistencies, verify them, and fix them while the volume is still online when possible.  If it is not possible to repair the file system while online, instead of prompting the user to run a full Chkdsk /f, they will be prompted to run a Chkdsk /spotfix.  This will take the volume offline and fix the cataloged issues, rather than needlessly checking the entire file system.  This reduces the time of running Chkdsk to minutes or even seconds.

While it is still possible to run a traditional Chkdsk /f, it is not likely that it will be needed.

Tip of the Day for Windows 8!

A new blog series from the Great Robert Mitchell by way of the Dude!  Who is Robert Mitchell you may ask?!?!

 

He’s this guy:

http://social.technet.microsoft.com/profile/robert%20mitchell%20%5Bmsft%5D/

and

http://www.linkedin.com/pub/robert-mitchell/3/a0a/551

and

http://www.windowsitpro.com/author/5787734/RobertMitchell

Anyway, this is a series that runs internally for folks and the Dude said “hey, why don’t we socialize this?” and Robert was like “no way” and I was like “way” and he was like “dude” and I was like “righteous”…

 

So…

 

Today’s tip…

In Windows storage spaces, a 2-way mirror requires at least 2 physical disks.  However, a 3-way mirror requires at least 5 physical disks.

The reason is that a 3-way mirror uses a quorum.  In order to keep running, the mirror space must keep over 50% of the disks functioning.  So a 3-way mirror must have at least 5 physical disks to be able to survive the loss of up to 2 physical disks.

A 2-way mirror does not require this type of majority vote.

NOTE:  This is the same in both client and server.